IPsec is extremely reliable and compatible with many devices.
In fact, it is an obvious choice when you need to create net2net connections
between firewalls of different manufacturers.

Unlike OpenVPN configuration, in an IPsec tunnel, firewalls are considered peers.

If you are creating a tunnel between two NethServer, given the firewalls A and B:

Configure the server A and specify the remote address and LAN of server B.
If the Remote IP field is set to the special value %any,
the server waits for connections from the other endpoint.

Configure the second firewall B by mirroring the configuration from A inside the remote section.
The special value %any is allowed in one side only!

If an endpoint is behind a NAT, the values for Local
identifier and Remote identifier fields must be set to
custom unique names prepended with @. Common names are the
geographic locations of the servers, such as the state or city name.